package com.dasberg.gwt.server;

import com.dasberg.gwt.client.AuthenticationException;
import com.dasberg.gwt.client.AuthenticationToken;
import com.dasberg.gwt.domain.IToken;

/**
 * Authentication repository.
 * @author mischa
 */
public interface AuthenticationProvider {
    /**
     * Indicates if the given token is still valid. In case the token is still valid, the token's expiration time should be updated.
     * @param token The token.
     * @return <code>true</code> if the token is still valid, else <code>false</code>.
     */
    boolean isTokenValid(AuthenticationToken token);

    /**
     * Authenticate with the given username and password. If the username and password are incorrect an Authentication exception should be thrown.
     * @param username The username.
     * @param password The password.
     * @return token The token.
     */
    IToken authenticate(String username, String password) throws AuthenticationException;

    /** Deauthenticate the user. */
    void deauthenticate(AuthenticationToken token);

    /**
     * Indicates if a user is in the given role.
     * @param token The authentication token.
     * @param role The role.
     * @return <code>true</code> if the user is in the given role, else <code>false</code>.
     */
    boolean isUserInRole(AuthenticationToken token, String role);

    
}
